SuSE Security Announcement
| Package: | lsh |
| Announcement-ID: | SuSE-SA:2003:041 |
| Date: | Wed Oct 1 10:24:45 CEST 2003 |
| Affected products: | 8.0, 8.1, 8.2 |
| Vulnerability Type: | remote code execution |
| Severity (1-10): | 5 |
| SuSE default package: | yes |
| Cross References: | – |
Content of this advisory:
- security vulnerability resolved: Buffer overflow in lsh.
problem description, discussion, solution and upgrade
information - pending vulnerabilities, solutions, workarounds:
- node
- proftp
- OpenSSL
- standard appendix (further information)
1) problem description, brief discussion, solution, upgrade
information
LSH is the GNU implementation of SSH and can be seen as an
alternative to OpenSSH.
Recently various remotely exploitable buffer overflows have been
reported in LSH. These allow attackers to execute arbitrary code as
root on un-patched systems.
LSH is not installed by default on SuSE Linux. An update is
therefore only recommended if you run LSH.
Maintained SuSE products are not affected by this bug as LSH is not
packaged on maintained products such as the Enterprise Server.
For the updates to take effect execute the following command as
root:
/usr/sbin/rclshd restart
Please download the update package for your distribution and
verify its integrity by the methods listed in section 3) of this
announcement. Then, install the package using the command “rpm -Fhv
file.rpm” to apply the update.
Our maintenance customers are being notified individually. The
packages are being offered to install from the maintenance web.
i386 Intel Platform:
SuSE-8.2:
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/lsh-1.5-114.i586.rpm
798f52402cda6c7e1733aed15bf0d9cb
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/lsh-1.5-114.i586.patch.rpm
9308cdb133d2311a9dc4a10bbf613501
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/lsh-1.5-114.src.rpm
1e1b5beac002cf51d1eea0277934a69d
SuSE-8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/lsh-1.4.2-73.i586.rpm
b5ff8ba104623fe9a77705154aad92f7
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/lsh-1.4.2-73.i586.patch.rpm
6341acd3fe513921b7123d7c1d98cc43
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/lsh-1.4.2-73.src.rpm
0a2b95e911f8760009ad0d5b2fd7618e
SuSE-8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/sec3/lsh-1.3.5-188.i386.rpm
bccfd85985bab8a324b25c1b2443bf2b
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/sec3/lsh-1.3.5-188.i386.patch.rpm
8a232720cb0a4b35d0899e9c6a4e80ae
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/lsh-1.3.5-188.src.rpm
8e3e30b134b12400559152bb5c53d0f8
2) Pending vulnerabilities in SuSE Distributions and
Workarounds:
- node A format string vulnerability has been fixed in the new
node packages available on our ftp servers. An update is
recommended if you use this package. - proftp A off-by-one buffer overflow has been fixed in the
proftp packages for SuSE Linux 7.2 and 7.3. Note that the bug that
was fixed is different from the ‘ASCII File Transfer Buffer Overrun
Vulnerability’ (CAN-2003-0831). The proftp packages shipped by SuSE
are not affected by CAN-2003-0831. - OpenSSL Critical bugs within the ASN.1 parsing routines have
been reported recently. We are currently building new packages and
will notify you in a separate advisory when the packages are
available.
3) standard appendix: authenticity verification, additional
information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers
all over the world. While this service is being considered valuable
and important to the free and open source software community, many
users wish to be sure about the origin of the package and its
content before installing the package. There are two verification
methods that can be used independently from each other to prove the
authenticity of a downloaded file or rpm package:
- md5sums as provided in the (cryptographically signed)
announcement. - using the internal gpg signatures of the rpm package.
- execute the command md5sum <name-of-the-file.rpm> after
you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in
the announcement. Since the announcement containing the checksums
is cryptographically signed (usually using the key [email protected]), the checksums show
proof of the authenticity of the package. We disrecommend to
subscribe to security lists which cause the email message
containing the announcement to be modified so that the signature
does not match after transport through the mailing list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless. - rpm package signatures provide an easy way to verify the
authenticity of an rpm package. Use the command rpm -v –checksig
<file.rpm> to verify the signature of the package, where
<file.rpm> is the filename of the rpm package that you have
downloaded. Of course, package authenticity verification can only
target an un-installed rpm package file. Prerequisites:- gpg is installed
- The package is signed using a certain key. The public part of
this key must be installed by the gpg program in the directory
~/.gnupg/ under the user’s home directory who performs the
signature verification (usually root). You can import the key that
is used by SuSE in rpm packages for SuSE Linux by saving this
announcement to a file (“announcement.txt”) and running the command
(do “su -” to be root): gpg –batch; gpg < announcement.txt |
gpg –import SuSE Linux distributions version 7.1 and thereafter
install the key “[email protected]”
upon installation or upgrade, provided that the package gpg is
installed. The file containing the public key is placed at the
top-level directory of the first CD (pubring.gpg) and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de
.- SuSE runs two security mailing lists to which any interested
party may subscribe:
- SuSE runs two security mailing lists to which any interested
- SuSE runs two security mailing lists to which any interested
party may subscribe:
- general/linux/SuSE security discussion. All SuSE security
announcements are sent to this list. To subscribe, send an email to
- SuSE’s announce-only mailing list. Only SuSE’s security
announcements are sent to this list. To subscribe, send an email to
For general information or the frequently asked questions (faq)
send mail to:
<[email protected]>
or
<[email protected]>
respectively. SuSE’s security contact is <[email protected]> or
<[email protected]>. The
<[email protected]>
public key is listed below.
The information in this advisory may be distributed or
reproduced, provided that the advisory is not modified in any way.
In particular, it is desired that the clear-text signature shows
proof of the authenticity of the text.
SuSE Linux AG makes no warranties of any kind whatsoever with
respect to the information contained in this security advisory.
| Type | Bits/KeyID | Date | User ID |
| pub | 2048R/3D25D3D9 | 1999-03-06 | SuSE Security Team <[email protected]> |
| pub | 1024D/9C800ACA | 2000-10-19 | SuSE Package Signing Key <[email protected]> |
SuSE Security Announcement
| Package: | mysql |
| Announcement-ID: | SuSE-SA:2003:042 |
| Date: | Wed Oct 1 12:12:38 CEST 2003 |
| Affected products: | 7.2, 7.3, 8.0, 8.1, 8.2 SuSE Linux Connectivity Server SuSE Linux Enterprise Server 7, 8 SuSE Linux Office Server UnitedLinux 1.0 |
| Vulnerability Type: | remote code execution |
| Severity (1-10): | 5 |
| SuSE default package: | no |
| Cross References: | – |
Content of this advisory:
- security vulnerability resolved: Buffer overflow in mysql.
problem description, discussion, solution and upgrade
information - pending vulnerabilities, solutions, workarounds:
- OpenSSL
- standard appendix (further information)
1) problem description, brief discussion, solution, upgrade
information
A remotely exploitable buffer overflow within the authentication
code of MySQL has been reported. This allows remote attackers who
have access to the ‘User’ table to execute arbitrary commands as
mysql user. The list of affected packages is as follows: mysql,
mysql-client, mysql-shared, mysql-bench, mysql-devel, mysql-Max. In
this advisory the MD5 sums for the mysql, mysql-shared and
mysql-devel packages are listed.
To be sure the update takes effect you have to restart the MySQL
server by executing the following command as root:
/usr/sbin/rcmysql restart
Please download the update package for your distribution and
verify its integrity by the methods listed in section 3) of this
announcement. Then, install the package using the command “rpm -Fhv
file.rpm” to apply the update.
Our maintenance customers are being notified individually. The
packages are being offered to install from the maintenance web.
i386 Intel Platform:
SuSE-8.2:
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mysql-3.23.55-22.i586.rpm
41e8d3781aeedd2e48837293d261f9e2
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mysql-shared-3.23.55-22.i586.rpm
b75bdea7f484305c62415cd7412151af
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mysql-devel-3.23.55-22.i586.rpm
264920dc6e1def4e26253cc3d82f2fc7
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mysql-3.23.55-22.i586.patch.rpm
82bac86826eb08ccf8c3204a792e0df1
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mysql-shared-3.23.55-22.i586.patch.rpm
ea14dd33b2e390009513209e71229cd3
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mysql-devel-3.23.55-22.i586.patch.rpm
b8e64deab45bdd05657a5447b4e279eb
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/mysql-3.23.55-22.src.rpm
fd33faf5fe7efc9f9c5871db37ea88b4
SuSE-8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mysql-3.23.52-106.i586.rpm
e7488a05d07282bbd8317f834c24f0d4
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mysql-shared-3.23.52-106.i586.rpm
e6db8d49932368487a334d803572ed4e
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mysql-devel-3.23.52-106.i586.rpm
9c6c4ab2b8a461ca391a2453d05d9b71
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mysql-3.23.52-106.i586.patch.rpm
37960d363c09a1123c25b11d6a753968
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mysql-shared-3.23.52-106.i586.patch.rpm
77d66503d21447bd1dd8339463c7b25b
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mysql-devel-3.23.52-106.i586.patch.rpm
c747e07c307e9619cf04a3e2c8cc369f
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/mysql-3.23.52-106.src.rpm
952c96bc22740b252e151c27537e5c1b
SuSE-8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap2/mysql-3.23.48-81.i386.rpm
7126396c99deb931dda869fdc8e5e6ef
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap2/mysql-shared-3.23.48-81.i386.rpm
6cfa50d58f7b23201f2056d6097c4161
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/mysql-devel-3.23.48-81.i386.rpm
23d978a491c8a0a0035142276ae9c806
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap2/mysql-3.23.48-81.i386.patch.rpm
49833c754e880fba15e579ad32d6861c
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap2/mysql-shared-3.23.48-81.i386.patch.rpm
3eba782210bf2e3a714616571bea0066
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/mysql-devel-3.23.48-81.i386.patch.rpm
9d6d58e8da20ea06bfd3207c44925190
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/mysql-3.23.48-81.src.rpm
bc8db10701bdaee4da9776a6dc49fc29
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/mysql-3.23.44-28.i386.rpm
f3171ff82e6d3fbf9913cfb58d984602
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap2/mysql-shared-3.23.44-28.i386.rpm
db2fe45728f6073f15c6440538926828
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/mysql-devel-3.23.44-28.i386.rpm
278a0338ed3a6ae65c7328f422f7abfc
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/mysql-3.23.44-28.src.rpm
c1076bca4b5a7d750f72811c097e92fa
SuSE-7.2:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/ap3/mysql-3.23.37-62.i386.rpm
2b5af68cb036119322a8a666fa68046b
ftp://ftp.suse.com/pub/suse/i386/update/7.2/ap2/mysql-shared-3.23.37-62.i386.rpm
d1f95967eb77ff7b8761ec27795cb740
ftp://ftp.suse.com/pub/suse/i386/update/7.2/ap3/mysql-devel-3.23.37-62.i386.rpm
e8cd7dda9473259239458b5e008c6924
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/mysql-3.23.37-62.src.rpm
e3c0693bda7d898ffc5bfb8f23478e7e
Sparc Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/ap3/mysql-3.23.44-24.sparc.rpm
52a66dfd5f2f330240dab5e59c412ef7
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/ap2/mysql-shared-3.23.44-24.sparc.rpm
6060be5ff51994e0ab73e8afc7ba2f26
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/ap3/mysql-devel-3.23.44-24.sparc.rpm
802c951032a42b1b21f51ab53af502c9
source rpm(s):
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/mysql-3.23.44-24.src.rpm
350c8fcc5522c08ca9096803cc34dd42
PPC Power PC Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/mysql-3.23.44-32.ppc.rpm
4dfbca3cbc9e9a3f8f36ab19a7bb4093
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap2/mysql-shared-3.23.44-32.ppc.rpm
068cbab05a37e74b9f57abcae7eb6b64
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/mysql-devel-3.23.44-32.ppc.rpm
c897ad4fa5a724c11efabbecfdd929c4
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/mysql-3.23.44-32.src.rpm
aa219acd13b73c45e2b418e8df03a1ee
2) Pending vulnerabilities in SuSE Distributions and
Workarounds:
- OpenSSL Critical bugs within the ASN.1 parsing routines have
been reported recently. We are currently building new packages and
will notify you in a separate advisory when the packages are
available.
3) standard appendix: authenticity verification, additional
information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers
all over the world. While this service is being considered valuable
and important to the free and open source software community, many
users wish to be sure about the origin of the package and its
content before installing the package. There are two verification
methods that can be used independently from each other to prove the
authenticity of a downloaded file or rpm package:
- md5sums as provided in the (cryptographically signed)
announcement. - using the internal gpg signatures of the rpm package.
- execute the command md5sum <name-of-the-file.rpm> after
you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in
the announcement. Since the announcement containing the checksums
is cryptographically signed (usually using the key [email protected]), the checksums show
proof of the authenticity of the package. We disrecommend to
subscribe to security lists which cause the email message
containing the announcement to be modified so that the signature
does not match after transport through the mailing list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless. - rpm package signatures provide an easy way to verify the
authenticity of an rpm package. Use the command rpm -v –checksig
<file.rpm> to verify the signature of the package, where
<file.rpm> is the filename of the rpm package that you have
downloaded. Of course, package authenticity verification can only
target an un-installed rpm package file. Prerequisites:- gpg is installed
- The package is signed using a certain key. The public part of
this key must be installed by the gpg program in the directory
~/.gnupg/ under the user’s home directory who performs the
signature verification (usually root). You can import the key that
is used by SuSE in rpm packages for SuSE Linux by saving this
announcement to a file (“announcement.txt”) and running the command
(do “su -” to be root): gpg –batch; gpg < announcement.txt |
gpg –import SuSE Linux distributions version 7.1 and thereafter
install the key “[email protected]”
upon installation or upgrade, provided that the package gpg is
installed. The file containing the public key is placed at the
top-level directory of the first CD (pubring.gpg) and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de
.- SuSE runs two security mailing lists to which any interested
party may subscribe:
- SuSE runs two security mailing lists to which any interested
- SuSE runs two security mailing lists to which any interested
party may subscribe:
- general/linux/SuSE security discussion. All SuSE security
announcements are sent to this list. To subscribe, send an email to
- SuSE’s announce-only mailing list. Only SuSE’s security
announcements are sent to this list. To subscribe, send an email to
For general information or the frequently asked questions (faq)
send mail to:
<[email protected]>
or <[email protected]>
respectively. SuSE’s security contact is <[email protected]> or
<[email protected]>. The
<[email protected]>
public key is listed below.
The information in this advisory may be distributed or
reproduced, provided that the advisory is not modified in any way.
In particular, it is desired that the clear-text signature shows
proof of the authenticity of the text.
SuSE Linux AG makes no warranties of any kind whatsoever with
respect to the information contained in this security advisory.
| Type | Bits/KeyID | Date | User ID |
| pub | 048R/3D25D3D9 | 1999-03-06 | SuSE Security Team <[email protected]> |
| pub | 1024D/9C800ACA | 2000-10-19 | SuSE Package Signing Key <[email protected]> |